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DETAILED ACTION 
Response to Amendment/Arguments 

1. Applicant's arguments with respect to claims 1-6 have been considered but are moot in 
view of the new ground(s) of rejection. 

2. Claims 1-6 are pending. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtajged though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

4. Claims 1-3 are rejected under 35 U.S.C. 103(a) as being unpatentable over Challender et 
al. USPN 6,959,390 Bl in view of Matyas, Jr. et al. USPN 6,947,556 Bl and Hind et al. USPN 
6,980,660 Bl. 

Regarding claim 1, Challener et al. teaches a method of production and distribution of 
asymmetric public and private keys to provide certifications of transactions (fig. 4), comprising 
the steps of: 

providing a key generation center in charge of generating a plurality of asymmetric 
public and private keys to be used to provide certificates of transactions (fig. 4 element 402 and 
408; plurality of private/public keys is generated for certifications), 
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generating certificates comprising a public key and a private key in a first cryptographic 
unit (KPG) of the key generation center (claim 6 and col. 3 lines 17-31), 

coding the private key by means of a service key in the key generation center in the first 
cryptographic unit (KPG) (col*2 lines 59-67; encrypting private key of the user using master 
public key of the key generator) and storing said coded private key in a key memory (KPS) of the 
key generation center (claim 1 ; encrypting user 's private keys and storing encrypted keys), 

when preparing to send the public and private keys to a user unit, extracting the keys 
from the key memory (KPS), alid composing the certificates with the public key (col. 3 lines 17- 
3 1 , and claim 1 ; extracting the keys from storage to be transmitted to users and attaching 
certificate for user 's application to access the keys), 

decoding the corresponding private key by means of a service key in a cryptographic 
security module and coding it with a transport key of the user (claim 1 and 6; encrypted keys are 
extracted, decrypted using master private key, and encrypted using user's public key), 

Challender et al. discloses coding the private key by means of a public master key. 
Challender et al. fails to disclose encrypting the private key by means of secret service key. 

However Matyas, JR. et al. discloses the well-known encryption of private key encrypting 
key method (col. 1 lines 53-col. 2 lines 58; encrypting the first key with the second personal key 
and further encrypting the first key with control key.,.). 

Therefore it would have been obvious to one having ordinary skill in the art at the time of 
the invention was made to combine the teachings of Matyas, Jr. et al. with in the system of 
Challender et al. because they are analogous in key management. One would have been 
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motivated to do so because it would further secure key by encrypting keys using a well-known 
method of private key. ® 

The combination of Challender et al. and Maty as, JR. et al. disclose generating a master 
key pair (pub/priv key pair), and generating a unique user key pair for plurality of users, and 
encrypting each users pub/private key pairs using master public key/personal key and storing 
master public key in a protected storage and storing encrypted user key pairs in unsecured 
storage securely (Challender et al. abstract, and Matyas, Jr. et al. col. 1 lines 53-col. 2 lines 58). 
When a user requests an application, the encryption engine decrypts the encrypted user key pairs 
to encrypt message (see Challender et al. claims 1-2). The generated user private public key 
pairs are accessed by an application of a user's system (Challender et al. col. 3 lines 10-16). The 
combination fails to explicitly disclose transmitting the public key and the encrypted private key 
to a user unit. However Hind et al. discloses a server generating a public/private key pair and 
associated certificate for the enterprise device and securely transmits these generated data items 
to the device for which they were generated (see col. 8 lines 56-67). 

Therefore it would have been obvious to one having ordinary skill in the art at the time of 
the invention was made to employ the teachings of Hind et al. with in the combination system 
because they are analogous in cryptography. One would have been motivated to do so because it 
is obvious to transmit both private key and public key to user's device after generating the pairs. 

Regarding claim 2, Hind et al. discloses a method characterized in that the encrypted private key 
is received by the user unit (DEC) and transmitted to the security module (SM) containing the 
transport key for decoding and storing the private key (col. 8 lines 23-24). It would have been 
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obvious to one having ordinary skill in the art at the time of the invention was made to store the 
user's private key in the user's^device because it is private to the user and the user can use it to 
decrypt data. 

Regarding claim 3, Challender et al. further discloses teaches a method characterized in that it 
comprises in using several monolithic cryptographic unit to obtain a high speed coding module 
(col. 5 lines 5-41). 

5. Claims 4-6 are rejected under 35 U.S.C. 103(a) as being unpatentable over Challender et 
al. USPN 6,959,390 Bl in view of Matyas, Jr. et al. USPN 6,947,556 Bl, and Hind et al. USPN 
6,980,660 Bl, and further in view of Tarpenning et al. USPG PUB 2002/0007454 Al. 

Regarding claims 4, 5, and 6, Challender et al., Matyas, JR. et al., and Hind et al. teach all the 
subject mater as described above. Challender et al., Matyas, JR. et al., and Hind et al. fail to 
explicitly disclose coding the public key of the center with the transport key, transmitting it to 
user unit, receiving it at the users unit, decoding and it at the user unit. 

However Tarpenning et al. teaches a method characterized in that it comprises in: 
coding the public key of the center with the transport key and transmitting it to the user 
unit (DEC) (0032), 

receiving by the user unit, the encrypted public key and transmitting it to the security 
module (SM) (fig. 2), 
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decoding and storing the public key by means of the transport key inside the security 
module (SM) (0033). 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
oft the invention was made to employ the teachings of encrypting the public key of the center 
using the user's public key/transport key within the combination system because they are 
analogous in generation of keys and certificates. One would have been motivated to incorporate 
the teachings of Tarpenning et al. within the combination system because it would allow secure 
authentication of users identity. 

Conclusion 

6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Eleni A. Shiferaw whose telephone number is 571-272-3867. 
The examiner can normally be reached on Mon-Fri 8:00am-5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser R. Moazzami can be reached on (571) 272-4195. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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